Internal Server Error encountered on IDP side when attempting to validate Authhub migration Carbon Black Cloud with PingFederated
search cancel

Internal Server Error encountered on IDP side when attempting to validate Authhub migration Carbon Black Cloud with PingFederated

book

Article ID: 394702

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Internal Server Error encountered after redirect to IDP when testing login after Authhub migration for PingFederated for Carbon Black Cloud

Environment

  • Carbon Black Cloud Console: All Versions

Cause

  • Default values shows in PingFederated console for Step 4  ("Configure Authhub") in the Authhub Migration Wizard will not work with Authhub SAML
  • Authhub does not send signature by default and PingFederated expects a signature

Resolution

  1. Use Recovery User credentials to revert migration, and re-run the migration wizard
  2. In Step 4 of the Authhub Migration wizard, export your SAML XML metadata from PingFederated
  3. Open the exported xml in a text editor, and obtain the values of the following fields:
    • entityID
    • Location
  4. Add value of entityID in the "Entity ID" field in the Authhub Migration Wizard 
  5. Add value of Location in the "Single sign-on URL" field in the Authhub Migration Wizard.  Value should end in "/idp/SSO.saml2"
  6. In PingFederated console, make sure your Signature Policy is set to "Sign Response As Required" as per vendor documentation
  7. Complete migration again and test/confirm login

Additional Information

Powered by Wolken Software